Returns an account's authorization-specific information for the specified {@code principals},
or {@code null} if no account could be found. The resulting {@code AuthorizationInfo} object is used
by the other method implementations in this class to automatically perform access control checks for the
corresponding {@code Subject}.
<p/>
This implementation obtains the actual {@code AuthorizationInfo} object from the subclass's
implementation of
{@link #doGetAuthorizationInfo(hunt.shiro.subject.PrincipalCollection) doGetAuthorizationInfo}, and then
caches it for efficient reuse if caching is enabled (see below).
<p/>
Invocations of this method should be thought of as completely orthogonal to acquiring
{@link #getAuthenticationInfo(hunt.shiro.authc.AuthenticationToken) authenticationInfo}, since either could
occur in any order.
<p/>
For example, in "Remember Me" scenarios, the user identity is remembered (and
assumed) for their current session and an authentication attempt during that session might never occur.
But because their identity would be remembered, that is sufficient enough information to call this method to
execute any necessary authorization checks. For this reason, authentication and authorization should be
loosely coupled and not depend on each other.
<h3>Caching</h3>
The {@code AuthorizationInfo} values returned from this method are cached for efficient reuse
if caching is enabled. Caching is enabled automatically when an {@link #setAuthorizationCache authorizationCache}
instance has been explicitly configured, or if a {@link #setCacheManager cacheManager} has been configured, which
will be used to lazily create the {@code authorizationCache} as needed.
<p/>
If caching is enabled, the authorization cache will be checked first and if found, will return the cached
{@code AuthorizationInfo} immediately. If caching is disabled, or there is a cache miss, the authorization
info will be looked up from the underlying data store via the
{@link #doGetAuthorizationInfo(hunt.shiro.subject.PrincipalCollection)} method, which must be implemented
by subclasses.
<h4>Changed Data</h4>
If caching is enabled and if any authorization data for an account is changed at
runtime, such as adding or removing roles and/or permissions, the subclass implementation should clear the
cached AuthorizationInfo for that account via the
{@link #clearCachedAuthorizationInfo(hunt.shiro.subject.PrincipalCollection) clearCachedAuthorizationInfo}
method. This ensures that the next call to {@code getAuthorizationInfo(PrincipalCollection)} will
acquire the account's fresh authorization data, where it will then be cached for efficient reuse. This
ensures that stale authorization data will not be reused.
@param principals the corresponding Subject's identifying principals with which to look up the Subject's
{@code AuthorizationInfo}.
@return the authorization information for the account associated with the specified {@code principals},
or {@code null} if no account could be found.
Returns an account's authorization-specific information for the specified {@code principals}, or {@code null} if no account could be found. The resulting {@code AuthorizationInfo} object is used by the other method implementations in this class to automatically perform access control checks for the corresponding {@code Subject}. <p/> This implementation obtains the actual {@code AuthorizationInfo} object from the subclass's implementation of {@link #doGetAuthorizationInfo(hunt.shiro.subject.PrincipalCollection) doGetAuthorizationInfo}, and then caches it for efficient reuse if caching is enabled (see below). <p/> Invocations of this method should be thought of as completely orthogonal to acquiring {@link #getAuthenticationInfo(hunt.shiro.authc.AuthenticationToken) authenticationInfo}, since either could occur in any order. <p/> For example, in "Remember Me" scenarios, the user identity is remembered (and assumed) for their current session and an authentication attempt during that session might never occur. But because their identity would be remembered, that is sufficient enough information to call this method to execute any necessary authorization checks. For this reason, authentication and authorization should be loosely coupled and not depend on each other. <h3>Caching</h3> The {@code AuthorizationInfo} values returned from this method are cached for efficient reuse if caching is enabled. Caching is enabled automatically when an {@link #setAuthorizationCache authorizationCache} instance has been explicitly configured, or if a {@link #setCacheManager cacheManager} has been configured, which will be used to lazily create the {@code authorizationCache} as needed. <p/> If caching is enabled, the authorization cache will be checked first and if found, will return the cached {@code AuthorizationInfo} immediately. If caching is disabled, or there is a cache miss, the authorization info will be looked up from the underlying data store via the {@link #doGetAuthorizationInfo(hunt.shiro.subject.PrincipalCollection)} method, which must be implemented by subclasses. <h4>Changed Data</h4> If caching is enabled and if any authorization data for an account is changed at runtime, such as adding or removing roles and/or permissions, the subclass implementation should clear the cached AuthorizationInfo for that account via the {@link #clearCachedAuthorizationInfo(hunt.shiro.subject.PrincipalCollection) clearCachedAuthorizationInfo} method. This ensures that the next call to {@code getAuthorizationInfo(PrincipalCollection)} will acquire the account's fresh authorization data, where it will then be cached for efficient reuse. This ensures that stale authorization data will not be reused.
@param principals the corresponding Subject's identifying principals with which to look up the Subject's {@code AuthorizationInfo}. @return the authorization information for the account associated with the specified {@code principals}, or {@code null} if no account could be found.